package org.lyg.config;

import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.lyg.shiro.cache.impl.RedisShiroCacheManager;
import org.lyg.shiro.cache.impl.ShiroCacheManager;
import org.lyg.shiro.filter.UserValidFilter;
import org.lyg.shiro.realm.AuthRealm;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.Filter;

@Configuration
public class ShiroConfiguration {
    @Bean(name = "shiroFilter")
    public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager") SecurityManager manager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        bean.setSecurityManager(manager);
        bean.setLoginUrl("/user/login");
        bean.setSuccessUrl("/home");
        bean.setUnauthorizedUrl("/unanth");
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/admin/**", "roles[admin]");
        filterChainDefinitionMap.put("/blog/edit", "user");
        filterChainDefinitionMap.put("/blog/save", "user");
        filterChainDefinitionMap.put("/blog/manager", "user");
        filterChainDefinitionMap.put("/**", "anon");
        bean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        Map<String, Filter> filters = new LinkedHashMap<>();
//        filters.put("userValidFilter",new UserValidFilter());
        bean.setFilters(filters);
        return bean;
    }


    @Bean(name = "securityManager")
    public DefaultWebSecurityManager securityManager(@Qualifier("authRealm") AuthRealm authRealm,
                                                     @Qualifier("rememberMeManager") CookieRememberMeManager rememberMeManager,
                                                     @Qualifier("shiroCacheManager") CacheManager cacheManager) {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(authRealm);
        manager.setRememberMeManager(rememberMeManager);
        manager.setCacheManager(cacheManager);
        return manager;
    }

    @Bean(name = "shiroCacheManager")
    public CacheManager getCacheManager() {
        CacheManager manager=new ShiroCacheManager();
        return manager;
    }

    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    /**
     * 浏览器关闭时失效此Cookie
     */
    @Bean
    public SimpleCookie sessionIdCookie() {
        SimpleCookie bean = new SimpleCookie("sid");
        bean.setHttpOnly(true);
        bean.setMaxAge(-1);
        return bean;
    }

    /**
     * 记住我的Cookie，保存30天
     */
    @Bean("rememberMe")
    public SimpleCookie rememberMeCookie() {
        SimpleCookie bean = new SimpleCookie("rememberMe");
        bean.setHttpOnly(true);
        //30天
        bean.setMaxAge(2592000);
        return bean;
    }

    @Bean("rememberMeManager")
    public CookieRememberMeManager rememberMeManager(@Qualifier("rememberMe") SimpleCookie rememberMe) {
        CookieRememberMeManager bean = new CookieRememberMeManager();
        bean.setCipherKey(Base64.decodeToString("MTIzNDU2NzgxMjM0NTY3OA==").getBytes());
        bean.setCookie(rememberMe);
        return bean;
    }
}
